From mboxrd@z Thu Jan 1 00:00:00 1970
From: Patrick McHardy
Subject: Re: [PATCH 4/7] xt_mark match rev 1
Date: Mon, 17 Dec 2007 13:47:48 +0100
Message-ID: <47666FF4.6040102@trash.net>
References: <475E65AC.9080901@trash.net> <4763F8FE.5040607@netfilter.org> <47640412.5050207@netfilter.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Jan Engelhardt, Netfilter Developer Mailing List
To: Pablo Neira Ayuso
Return-path:
Received: from stinky.trash.net ([213.144.137.162]:56773 "EHLO stinky.trash.net" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1752033AbXLQMsf (ORCPT );
	Mon, 17 Dec 2007 07:48:35 -0500
In-Reply-To: <47640412.5050207@netfilter.org>
Sender: netfilter-devel-owner@vger.kernel.org
List-ID:

Pablo Neira Ayuso wrote:
> Jan Engelhardt wrote:
>> What will netlink bring us, with respect to the two states:
>> - old iptables, new kernel
>> - new iptables, old kernel
>> so matching some UUIDs (and .revision is one, more or less) seems like the way
>> to go.
>
> Netlink doesn't stick us to fixed structure layouts as it happens to the
> current interface since we represent the messages kernel <-> userspace
> in TLV (type-length-value) format. Thus, userspace and kernel won't
> share structures and new features just require a new type. For that
> reason, the netlink interface won't require such revision infrastructure.
>
> Not that I'm against your patches, I'm just stating the right direction
> to go for those 5-10 years that you have mentioned. And of course, we
> don't have a single line of such interface at the moment :)

Actually we do, I've been working on it, but had to interrupt for some
other stuff. I hope to get back to it over Christmas and beginning of
next year. The goal is to add a compat layer for old iptables userspace,
but I don't really care about how ugly it gets since we hopefully never
have to look at it again until its removal :)
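
The compatibility property described above for TLV messages, as an added example that is not part of the original message or of any netfilter code: a bounds-checked attribute walk over a layout modelled on netlink attributes (16-bit length covering header and payload, 16-bit type, 4-byte alignment). The attribute numbers, struct and function names, and the all-ones default mask are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct tlv_hdr { uint16_t len; uint16_t type; };   /* len = header + payload */
#define TLV_ALIGN(n) (((size_t)(n) + 3) & ~(size_t)3)
enum { ATTR_MARK = 1, ATTR_MASK = 2, ATTR_FUTURE = 9 };  /* hypothetical types */
struct mark_match { uint32_t mark, mask; unsigned skipped; };

/* Append one attribute at off (caller guarantees room); returns next offset. */
size_t put_attr(uint8_t *buf, size_t off, uint16_t type, const void *d, uint16_t n)
{
    struct tlv_hdr h = { (uint16_t)(sizeof(h) + n), type };
    memset(buf + off, 0, TLV_ALIGN(h.len));    /* zero padding: no stale bytes leak */
    memcpy(buf + off, &h, sizeof(h));
    memcpy(buf + off + sizeof(h), d, n);
    return off + TLV_ALIGN(h.len);
}
/* Returns 0 on success, -1 on a malformed buffer. Unknown types are skipped
 * (newer sender, older parser); a missing ATTR_MASK keeps its default. */
int parse_mark_attrs(const uint8_t *buf, size_t buflen, struct mark_match *out)
{
    size_t off = 0;
    out->mark = 0; out->mask = 0xffffffffu; out->skipped = 0;
    while (off < buflen) {
        struct tlv_hdr h;
        if (buflen - off < sizeof(h)) return -1;             /* truncated header */
        memcpy(&h, buf + off, sizeof(h));
        if (h.len < sizeof(h) || h.len > buflen - off) return -1;  /* bad length */
        const uint8_t *p = buf + off + sizeof(h);
        size_t plen = h.len - sizeof(h), step = TLV_ALIGN(h.len);
        if (h.type == ATTR_MARK || h.type == ATTR_MASK) {
            if (plen != sizeof(uint32_t)) return -1;         /* wrong payload size */
            memcpy(h.type == ATTR_MARK ? &out->mark : &out->mask, p, plen);
        } else {
            out->skipped++;                                  /* unknown type: ignore */
        }
        off += step > buflen - off ? buflen - off : step;    /* final pad may be absent */
    }
    return 0;
}

int main(void)
{
    uint8_t buf[64]; struct mark_match m; uint32_t mark = 0x10; size_t n;
    n = put_attr(buf, 0, ATTR_MARK, &mark, sizeof(mark));
    n = put_attr(buf, n, ATTR_FUTURE, "abcde", 5);           /* constructed sample */
    int rc = parse_mark_attrs(buf, n, &m);
    printf("rc=%d mark=0x%x mask=0x%x skipped=%u\n", rc, m.mark, m.mask, m.skipped);
    return 0;
}
```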